Microsoft Bob

Just a short, simple blog for Bob to share some tips and tricks.

Be sure to check out my non-technical blog at www.bobsbasement.net.

Month List

IIS 6: Setting up SSL - Part 3: Installing the Certificate

In part three of my series on setting up SSL on IIS 6, I'll describe the steps that are necessary to install an SSL certificate. Simply out of convenience I broke this process into two sections:


Installing Your Certificate

  1. Bring up the properties for a website:

  2. Switch to the "Directory Security" tab and click "Server Certificate:"

  3. Click "Next" to bypass the first page:

  4. Choose to process the request and click "Next":

  5. Click "Browse" to the locate your certificate request:

  6. Browse to the location of your certificate, highlight it, and click "Open":

  7. Verify the location of your certificate and click "Next":

  8. Choose your SSL port and click "Next":

  9. Review the information to make sure it is correct and click "Next":

  10. Click "Finish" to close the wizard:

  11. Notice that you now have all the buttons available for SSL.


Verifying Your Certificate

  1. Click the "View Certificate" button:

  2. On the "General" tab, if the certificate is good you will see a normal certificate icon. (If no, you will see a warning or error icon.)

  3. On the "Certification Path" tab you will see your certificate hierarchy:

That wraps it up for creating, submitting, obtaining, and installing a certificate. In subsequent blogs I'll post some appendices with instructions about setting up Certificate Services on Windows Server 2003.

Note: This blog was originally posted at http://blogs.msdn.com/robert_mcmurray/

Posted: Feb 17 2011, 03:26 by Bob | Comments (0)
  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
Filed under: IIS | SSL
Social Bookmarks: E-mail | Kick it! | DZone it! | del.icio.us

IIS 6: Setting up SSL - Part 2: Submitting a Certificate Request and Obtaining a Certificate

In part two of my series on setting up SSL on IIS 6, I'll describe the steps that are necessary to obtain an SSL certificate. Typically you would submit your certificate request to any one of several Certificate Authorities (CA); and there are several that are available. Here are just a few:

The steps to obtain a certificate differ for each CA, and it would be way outside the scope of my limited blogspace to include the steps for every CA on the Internet. So for my blog series I'm going to show how to use Certificate Services on Windows Server 2003 to obtain a certificate. This part of the process is broken into three steps:


Submit the Certificate Request

  1. Browse to the "Certificate Services" website, and then click the link to "Request a Certificate":

  2. Click the link to submit an "advanced certificate request":

  3. Click the link to "Submit a certificate request by using a base-64 encoded file":

  4. Copy the text from your certificate request file and paste it into the "Base-64 Encoded Certificate Request" text box, then click "Submit":

  5. By default, Certificate Services will return a message stating that your certificate is pending. You will need to notify your Certificate Services administrator that your certificate needs to be approved.

Note: As an alternative to copying the text from your certificate request file, when you are using Certificate Services on Windows Server 2003, you can use the application to read the file for you. To do so, you would need to change the step where you copy and paste the text to the following steps:

  1. Click the link to "Browse for a file to insert":

  2. You may be prompted whether to allow an ActiveX control to run; this warning may appear because the web application uses an ActiveX control to read the certificate request file. In order to continue, you need to click "Yes":

  3. When the subform appears, click the Browse button:

  4. Locate your certificate request file, and then click "Open":

  5. Click the "Read" button to load the text from your certificate request file, this will insert it into the form:

  6. Once the text from your certificate request file has been inserted, you can submit the form as you would have done if you had copied and pasted the text manually.

Certificate Processing

At this point the Certificate Authority (CA) will consider your request. I'll post a blog later with details about processing a request using Certificate Services on Windows Server 2003.


Obtain the Certificate

When your certificate request has been processed, you need to use the following steps to save your certificate to your system before you can process it.

  1. Browse to the "Certificate Services" website, and then click the link to "View the status of a pending certificate request":

  2. Click the link for your approved request.

  3. Click the link to "Download CA certificate":

  4. When prompted, click "Save":

  5. Save the file to somewhere convenient, like your desktop:

In the next post of this blog series, I'll show you how to install your certificate on IIS 6.

Note: This blog was originally posted at http://blogs.msdn.com/robert_mcmurray/

Posted: Feb 15 2011, 22:34 by Bob | Comments (0)
  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
Filed under: IIS | SSL
Social Bookmarks: E-mail | Kick it! | DZone it! | del.icio.us

IIS 6: Setting up SSL - Part 1: Making a Request

In part one of my series on setting up SSL on IIS 6, I'll describe all of the steps that are necessary to request an SSL certificate for a website. Once you have completed your certificate request, you would send that to a Certificate Authority (CA) for approval. In subsequent blog posts I'll discuss submitting a certificate to a CA - specifically Certificate Services on Windows Server 2003 - and then I'll discuss obtaining a certificate and installing it on your IIS server. But for now, let's get started with a creating certificate request. To do so, use the following steps.

  1. Bring up the properties for a website:

  2. Switch to the "Directory Security" tab and click "Server Certificate:"

  3. Click "Next" to bypass the first page:

  4. Choose to "Create a new certificate" and click "Next":

  5. Choose to "Prepare the request now, but send later" and click "Next":

  6. Enter a friendly "Name" for the request, and your desired "Bit length". Click "Next":

  7. Enter your "Organization" and "Organization unit", then click "Next":

  8. Enter the "Common name" for your site then click "Next":

    Note: This must be the actual web address that users will browse to when they hit your site.

  9. Enter your "Country", "State", and "City", then click "Next":

  10. Enter the "File name" for your request, then click Next:

  11. Review the information for your request, then click Next:

  12. Click "Finish" to exit the wizard.

FYI: If you were to open your request file in Notepad, it will look something like the following:

In the next post of my blog series, I'll show you how to use Certificate Services on Windows Server 2003 to obtain a certificate.

Note: This blog was originally posted at http://blogs.msdn.com/robert_mcmurray/

Posted: Feb 14 2011, 16:12 by Bob | Comments (0)
  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
Filed under: IIS | SSL
Social Bookmarks: E-mail | Kick it! | DZone it! | del.icio.us

Manually Localizing FPSE 2002 for Windows Server 2008 and Windows Vista

The FrontPage Server Extensions from Ready-to-Run Software, Inc. (RTR), are available and supported only in the English language. But that being said, the localized language files for FPSE 2002 are available for download from Microsoft, and if you're willing to do a little work, you can configure the FPSE 2002 administration pages for your website to be displayed in sixteen different languages. (The specific list of languages is provided later in this blog.)

Please note that this information is being presented "as-is" and is not officially supported by Microsoft or RTR.

Downloading and Installing the Localized FPSE 2002 Files

Download the self-extracting MSGS.EXE page that contains the FPSE 2002 language files from the following URL:

Extract the FPSE 2002 files by double-clicking the MSGS.EXE file and specifying an output folder.

By default, the installation package will install all of the localized files to the FPSE 2002 parent folder that is located at:

%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\50

If you run the installation package on your server and accept the default path, then all of the languages will be available on your server.

However, if you only want to have one or more specific languages available, you would need to specify an alternate output folder for the extraction process. Under the output folder that you specified, you will see three folders: admisapi, bin, and isapi. Each of these folders will contain several subfolders, each of which contains the files for each of the localized languages. Each language that you want to have available on your server will need to be copied to their corresponding folders under the FPSE 2002 parent folder at:

%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\50

You may copy all of the localized files to your FPSE directories, or you can select a single language by locating just the appropriate localized subfolders. For example, if you extracted the FPSE 2002 files to your C:\Temp folder and you wanted just the German language files, you would need to select the following folders:

C:\Temp\admisapi\1031

C:\Temp\bin\1031

C:\Temp\isapi\_vti_adm\help\1031

And you would copy those folders to the following paths:

%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\50\admisapi\1031

%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\50\bin\1031

%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\50\isapi\_vti_adm\help\1031

Specifying the Language for an FPSE 2002 Website

Open the service.cnf file for one of your websites in Windows Notepad; this file will be kept in the _vti_pvt folder for a website. For example, for the Default Web Site this file would be at:

C:\Inetpub\wwwroot\_vti_vt\service.cnf

Choose the language abbreviation for your desired language from the list below. For example, if you were using German your abbreviation would be "de-de."

Language Description LCID Abbreviation
Arabic - Saudi Arabia 1025 ar-sa
Chinese - Taiwan 1028 zh-tw
German - Germany 1031 de-de
English - United States 1033 en-us
French - France 1036 fr-fr
Hebrew 1037 he
Italian - Italy 1040 it-it
Japanese 1041 ja
Korean 1042 ko
Dutch - Netherlands 1043 nl-nl
Portuguese - Brazil 1046 pt-br
Swedish - Sweden 1053 sv-se
Thai 1054 th
Chinese - China 2052 zh-cn
Chinese - Hong Kong SAR 3076 zh-hk
Spanish – Spain (Modern) 3082 es-es
See http://msdn.microsoft.com/en-us/library/0h88fahh.aspx for additional information about these languages and their related codes.

In the service.cnf file, locate the vti_defaultlanguage entry and change the value to the abbreviation for your desired language. If this value does not exist, you will need to add it. For example, if you were using the German language the syntax would be:

vti_defaultlanguage:SR|de-de

When you open the FPSE 2002 administration pages for your website, you should now see it in your localized language. (Note: You may need to refresh your browser's cache to see it correctly.)

That's all that there is to it. Once again, please note that the version of the FPSE 2002 from RTR is only supported in English; so if you are having any issues, you will need to change the value of the vti_defaultlanguage entry back to "en-us" before you contact RTR for support.

Note: This blog was originally posted at http://blogs.msdn.com/robert_mcmurray/

Posted: Feb 02 2011, 10:59 by Bob | Comments (0)
  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
Filed under: FrontPage
Social Bookmarks: E-mail | Kick it! | DZone it! | del.icio.us